<?php
	include '../common/db.inc';
	$conn = new mysqli($host, $username, $password, $dbname);	
	$conn->query("set names 'utf8'");	
	if (mysqli_connect_errno()) {
	    printf("Connect failed: %s\n", mysqli_connect_error());
	    exit();
	}
	
	$f = $conn->real_escape_string($_GET['f']);
	$u= $conn->real_escape_string($_GET['u']);
	$e = $conn->real_escape_string($_GET['e']);
	
	$strSQL = "call sp_GetEBookById('$e')";
	if($result = @$conn->query($strSQL))
	{
		$row = $result->fetch_object();
		$mana = $row->Mana;
	}
	
	$conn->close();
	
	session_start();
	if($_SESSION['user_mana'] >= $mana)
		header("Location: ../user/download.php?f=$f&u=$u&e=$e");
?>